feat: add ssh keys playbook

fix: basic setup playbook
fix: homelab hosts
2025-07-14 09:11:20 -04:00 · 2025-07-14 09:11:10 -04:00 · 2025-07-14 09:10:34 -04:00
7 changed files with 126 additions and 8 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@ -35,15 +35,15 @@
 ;become_plugins=/home/aleidk/.ansible/plugins/become:/usr/share/ansible/plugins/become

 # (string) Chooses which cache plugin to use, the default 'memory' is ephemeral.
-;fact_caching=memory
+fact_caching=jsonfile

 # (string) Defines connection or path information for the cache plugin
-;fact_caching_connection=
+fact_caching_connection=~/.cache/ansible/

 # (string) Prefix to use for cache plugin files/tables
 ;fact_caching_prefix=ansible_facts

-# (integer) Expiration timeout for the cache plugin data
+# (integer) Expiration timeout for the cache plugin data (24 hours by default)
 ;fact_caching_timeout=86400

 # (list) List of enabled callbacks, not all callbacks need enabling, but many of those shipped with Ansible do as we don't want them activated by default.
@ -134,7 +134,7 @@
 ;hash_behaviour=replace

 # (pathlist) Comma separated list of Ansible inventory sources
-inventory=/etc/ansible/hosts,./hosts/inventory.yaml,./hosts/proxmox.yaml
+inventory=/etc/ansible/hosts,./hosts/inventory.yaml,./hosts/proxmox.yaml,./hosts/homelab.hcloud.yaml

 # (pathspec) Colon separated paths in which Ansible will search for HttpApi Plugins.
 ;httpapi_plugins=/home/aleidk/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi
--- a/hosts/homelab.hcloud.yaml
+++ b/hosts/homelab.hcloud.yaml
@ -0,0 +1,4 @@
+plugin: hetzner.hcloud.hcloud
+
+api_token: "{{ lookup('rbw', 'Hetzner Ansible Token').data.password }}"
+cache: true
--- a/hosts/proxmox.yaml
+++ b/hosts/proxmox.yaml
@ -22,6 +22,7 @@ keyed_groups:
    prefix: distro_

 compose:
+  ansible_host: proxmox_lxc_interfaces | selectattr('name','equalto','eth0') | map(attribute='inet') | first | ansible.utils.ipaddr('address')
 #   ansible_host: proxmox_ipconfig0.ip | default(proxmox_net0.ip) | ansible.utils.ipaddr('address')
-  ansible_host: proxmox_hostname + ".lan"
+#   ansible_host: proxmox_hostname + ".internal"
  ansible_become_method: proxmox_ostyle == "alpine" | ternary("doas", "sudo")
--- a/playbooks/add-ssh-keys.yaml
+++ b/playbooks/add-ssh-keys.yaml
@ -0,0 +1,10 @@
+---
+- name: Add ssh public key to hosts
+  hosts: all
+#   vars:
+  tasks:
+    - name: add keys
+      ansible.posix.authorized_key:
+        user: aleidk
+        state: present
+        key: '{{ lookup("file", "~/.ssh/id_ed25519.pub") }}'
--- a/playbooks/initial-setup.yaml
+++ b/playbooks/initial-setup.yaml
@ -1,9 +1,8 @@
-# yaml-language-server: $schema=https://raw.githubusercontent.com/ansible/ansible-lint/refs/heads/main/src/ansiblelint/schemas/playbook.json
 ---
 - name: Initial setup for VM's in homelab
-  hosts: proxmox_all
+  hosts: all
  user: root
-  vars:
+#   vars:
  tasks:
    - name: Create motd.d dir
      file:
@ -21,6 +20,55 @@
        mode: 0644
        force: true

+    - name: Create issue dir
+      file:
+        path: /etc/issue.d
+        state: directory
+        owner: root
+        group: root
+        mode: 0755
+
+    - name: Change login message
+      template:
+        src: ../files/alpine/motd.j2
+        dest: /etc/issue.d/00-homelab
+        owner: root
+        group: root
+        mode: 0644
+        force: true
+
+    - name: Ensure base groups exists
+      loop:
+        - wheel
+        - root
+        - sudo
+        - admin
+      ansible.builtin.group:
+        name: "{{ item }}"
+        state: present
+
+    - name: Create aleidk user
+      ansible.builtin.user:
+        state: present
+        name: aleidk
+        password: $6$rOcf02AcKTW.A5kO$XBTbBTmeX4WSCX0jKUocFCR325TkAC.NBTYahzAQnCKPVl5hhsaX9sG33ccHGL73uUsC7kdcc4bxkW5tKbBNb1
+        create_home: true
+        append: true
+        groups:
+          - admin
+          - wheel
+          - root
+          - sudo
+        shell: /usr/bin/bash
+
+    - name: Set authorized key taken from file
+      ansible.posix.authorized_key:
+        user: aleidk
+        state: present
+        key: "{{ item }}"
+      loop:
+        - "{{ lookup('rbw', 'warpgate').fields[0].value }}"
+
 - name: Setup alpine machines
  hosts: distro_alpine
  user: root
@ -53,3 +101,46 @@
  handlers:
    - name: Update Apk Packages
      command: /sbin/apk upgrade -U -a
+
+- name: Setup docker
+  hosts: group_docker
+  user: root
+  tasks:
+    - name: Ensure the docker group exists
+      ansible.builtin.group:
+        name: docker
+        state: present
+
+    - name: Create add docker group to users
+      ansible.builtin.user:
+        state: present
+        name: aleidk
+        append: true
+        groups:
+          - docker
+
+- name: Setup cockpit
+  hosts: proxmox_all
+  user: root
+#   vars:
+#     cockpit_packages:
+#       - cockpit    ## Default list
+#       - cockpit-bridge
+# #       - cockpit-networkmanager
+#       - cockpit-packagekit
+# #       - cockpit-selinux
+#       - cockpit-storaged
+#       - cockpit-system
+# #       - cockpit-ws
+# #       - cockpit-389-ds
+#       - cockpit-composer
+# #       - cockpit-dashboard
+#       - cockpit-doc
+# #       - cockpit-kdump
+#       - cockpit-machines
+# #       - cockpit-pcp
+#       - cockpit-podman
+# #       - cockpit-session-recording
+#       - cockpit-sosreport
+  roles:
+    - linux-system-roles.cockpit
--- a/pyproject.toml
+++ b/pyproject.toml
@ -6,6 +6,7 @@ readme = "README.md"
 requires-python = ">=3.13"
 dependencies = [
    "ansible>=11.1.0",
+    "netaddr>=1.3.0",
    "paramiko>=3.5.0",
    "passlib>=1.7.4",
 ]
--- a/uv.lock
+++ b/uv.lock
@ -118,6 +118,7 @@ version = "0.1.0"
 source = { virtual = "." }
 dependencies = [
    { name = "ansible" },
+    { name = "netaddr" },
    { name = "paramiko" },
    { name = "passlib" },
 ]
@ -125,6 +126,7 @@ dependencies = [
 [package.metadata]
 requires-dist = [
    { name = "ansible", specifier = ">=11.1.0" },
+    { name = "netaddr", specifier = ">=1.3.0" },
    { name = "paramiko", specifier = ">=3.5.0" },
    { name = "passlib", specifier = ">=1.7.4" },
 ]
@ -169,6 +171,15 @@ wheels = [
    { url = "https://files.pythonhosted.org/packages/4f/65/6079a46068dfceaeabb5dcad6d674f5f5c61a6fa5673746f42a9f4c233b3/MarkupSafe-3.0.2-cp313-cp313t-win_amd64.whl", hash = "sha256:e444a31f8db13eb18ada366ab3cf45fd4b31e4db1236a4448f68778c1d1a5a2f", size = 15739 },
 ]

+[[package]]
+name = "netaddr"
+version = "1.3.0"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/54/90/188b2a69654f27b221fba92fda7217778208532c962509e959a9cee5229d/netaddr-1.3.0.tar.gz", hash = "sha256:5c3c3d9895b551b763779ba7db7a03487dc1f8e3b385af819af341ae9ef6e48a", size = 2260504 }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/12/cc/f4fe2c7ce68b92cbf5b2d379ca366e1edae38cccaad00f69f529b460c3ef/netaddr-1.3.0-py3-none-any.whl", hash = "sha256:c2c6a8ebe5554ce33b7d5b3a306b71bbb373e000bbbf2350dd5213cc56e3dbbe", size = 2262023 },
+]
+
 [[package]]
 name = "packaging"
 version = "24.2"
Author	SHA1	Message	Date
aleidk	1fb19fde53	feat: add ssh keys playbook	2025-07-14 09:11:20 -04:00
aleidk	7bbd83171a	fix: basic setup playbook	2025-07-14 09:11:10 -04:00
aleidk	82f614eb47	fix: homelab hosts	2025-07-14 09:10:34 -04:00